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1 DETAILED ACTION 

2 

3 This action is in response to the communication filed on 12/07/2006. 

4 All objections and rejections not set forth below have been withdrawn. 

5 Claims 1,6-8, 14, and 1 9 - 29 are pending. 
6 

7 In view of the supplemental appeal brief filed on 12/7/06, PROSECUTION IS 

8 HEREBY REOPENED. New grounds of rejection are set forth below. 

9 To avoid abandonment of the application, appellant must exercise one of the 

1 0 following two options: 

11 (1 ) file a reply under 37 CFR 1 .1 1 1 (if this Office action is non-final) or a reply 

1 2 under 37 CFR 1 . 1 1 3 (if this Office action is final); or, 

13 (2) initiate a new appeal by filing a notice of appeal under 37 CFR 41 .31 followed 



14 by an appeal brief under 37 CFR 41 .37. The previously paid notice of appeal fee and 

1 5 appeal brief fee can be applied to the new appeal. If, however, the appeal fees set forth 

16 in 37 CFR 41.20 have been increased since they were previously paid, then appellant 

17 must pay the difference between the increased fees and the amount previously paid. 



1 8 A Supervisory Patent Examiner (SPE) has approved of reopening prosecution by 

1 9 signing below: 

20 p -^5^ 
21 
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1 Claim Rejections - 35 USC § 101 

2 

3 35 U.S. C. 101 reads as follows: 

4 Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 

5 matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 

6 conditions and requirements of this title. 

7 

8 Claims 14, 19, 20, 27 - 29 rejected under 35 U.S.C. 101 because the claimed 



9 invention is directed to non-statutory subject matter. Regarding these claims, they 

1 0 comprise a program stored upon computer media, said media including carrier waves 

1 1 (see instant application, pg. 26, lines 1 - 6). Descriptive material per se does not fall 

12 within the statutory categories of invention. Furthermore, descriptive material born by 

1 3 signals fails to fall within the statutory categories of invention. 
14 



1 5 Claim Rejections - 35 USC § 103 

16 

1 7 The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

1 8 obviousness rejections set forth in this Office action: 

19 (a) A patent may not be obtained though the invention is not identically disclosed or described as set 

20 forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 

21 the prior art are such that the subject matter as a whole would have been obvious at the time the 

22 invention was made to a person having ordinary skill in the art to which said subject matter pertains. 

23 Patentability shall not be negatived by the manner in which the invention was made. 

24 
25 

26 Claims 1, 6 - 8, 14, and 19-29 are rejected under 35 U.S.C. 103(a) as being 

27 unpatentable over Al-Salqan, "Method and Apparatus for Encoding Keys", U.S. 

28 Patent, 6,549,626 in view of U.S. Department of Commerce (DOC), "Security 
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1 Requirements for Cryptographic Modules" in view of Hosokawa, "Internet 

2 Broadcast Billing System", U.S. Patent Publication, 2001/0023416 A1. 

3 

4 Regarding claim 1 , Al-Salqan discloses: 

5 receiving, at a security module, a first password corresponding a software 

6 application (Al-Salqan, col. 2, lines 12-28, 49-63; fig. 2, elem. 204). Herein, Al-Salqan 

7 teaches that users may use computers to perform cryptographic applications. For 

8 example, to utilize a cryptographic key, a user may employ an application to provide a 

9 password, derive a key, and perform cryptographic operations upon data such as a file. 
1 0 The inventive method of Al-Salqan is for facilitating the operation of such application. 



1 1 generating, at a security module, a first mask value based on the first password 

12 (Al-Salqan, col. 4, lines 29-46; fig. 2); combining, at a security module, the first mask 

1 3 value with a first encryption key (Al-Salqan, col. 4, lines 49-52; fig. 2); 

1 4 encrypting, at the security module, the tied key using a second encryption key 



1 5 that is associated with the security module, the encrypting resulting in an encrypted tied 

16 key (Al-Salqan, fig. 2). Furthermore, the applicant is kindly reminded of the evidence 

17 submitted by the applicant's representative, admitting to the Prior Art's (Al-Salqan) 

18 teachings ("Prior Art Flow Diagram", Telephonic Interview, 11/15/05). 

1 9 Al-Salqan discloses the returning of the encrypted tied key to what is termed the 

20 "user". While, the Applicants themselves also equate a software application to the 

21 "user" (Instant Application, pg. 2, line 19 - pg. 3, line 2), the examiner notes that Al- 
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1 Salqan does not explicitly state that a software application is represented by "the user" - 

2 hence, returning the encrypted tied key to the software application. 

3 DOC more clearly shows that a user employs a software application to interact 

4 with a security module inside a computer. DOC teaches that a security module 

5 provides cryptographic services to software applications employed by users (iv, #8; pg. 

6 27, sect. 4.6). When a user requests cryptographic services from a security module, the 

7 software application representing the user communicates with the security module using 

8 an application program interface (pg. 14, sect. 4.2; pg. 27, 28, iv). 

9 It would have obvious to recognize the teachings of DOC, that a human employs 

10 a software application to interact with a security module within a computer, along with 

1 1 the teachings of Al-Salqan. This would have been obvious because one of ordinary skill 

12 in the art would have been motivated to practically provide a means for a human to 

13 accomplish a cryptographic application in cooperation with a security module inside a 

1 4 computer. 

1 5 The combination enables: 

1 6 determining, at the software application, that the encrypted tied key corresponds 

1 7 to the security module; in response to the determining, sending the encrypted tied key 

1 8 and a second password from the software application to the security module over a 

1 9 computer network, the second password being the same as the first password (Al- 

20 Salqan, fig. 3, elems. 302,306). Herein, the combination discloses that the software 

21 application transmits the correct password and a corresponding tied key to the security 

22 module, effectively determining the correspondence of the key to the security module. 
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1 receiving, at the security module, the encrypted tied key and the second 

2 password from the software application; in response to receiving the encrypted tied key 

3 and the second password, combining, at the security module, the encrypted tied key 

4 and the second key, the combining resulting in a recovered tied key (Al-Salqan, fig. 3). 

5 Furthermore, the applicant is kindly reminded of the evidence submitted by the 

6 applicant's representative, admitting to the Prior Art's (Al-Salqan) teachings ("Prior Art 

7 Flow Diagram", Telephonic Interview, 1 1/15/05). 

8 generating a second mask value based on the second password (Al-Salqan, col. 

9 4, lines 29-46; fig. 3). Furthermore, the applicant is kindly reminded of the evidence 

10 submitted by the applicant's representative, admitting to the Prior Art's (Al-Salqan) 

1 1 teachings ("Prior Art Flow Diagram", Telephonic Interview, 1 1/15/05); 

1 2 separating a recovered encryption key from the recovered tied key using the 

13 second mask value (Al-Salqan, col. 7, lines 45-49; fig. 3). Furthermore, the applicant is 

14 kindly reminded of the evidence submitted by the applicant's representative, admitting 

1 5 to the Prior Art's (Al-Salqan) teaching of the recovery of an recovered encryption key 

16 from the recovered tied key ("Prior Art Flow Diagram", Telephonic Interview, 1 1/15/05). 

1 7 and encrypting data provided by the software application using the recovered 

18 generated key (Al-Salqan, Abstract, lines 1-3; col. 1, lines 21-28; col. 2:15-22; col. 3, 

19 lines 52-56; DOC, pg. iv, #8). Herein enabled by the combination, is an application that 

20 takes data and a recovered key, and facilitates the performance of cryptographic 

21 operations such as encryption and decryption. 
22 
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1 The combination discloses a system designed to ensure the secrecy of a data 

2 encryption key, such as a symmetric key. Secrecy is accomplished by encrypting the 

3 data encryption key. However, though the combination discloses enabling the secrecy 

4 of a symmetric data encryption key, it does not disclose the enabling of the authenticity 

5 of the key. Thus, the combination does not disclose wherein the first "encryption key" is 

6 derived from a generated key and a known value the combining resulting a tied key or 

7 that the recovered "encryption kef includes a recovered generated key and a 

8 recovered known value. 

9 Hosokawa discloses a method for the verification of the authenticity of a data- 

10 encryption key, the method being performed "as a security measure" (Hosokawa, par 

1 1 37). This "security measure" of ensuring authenticity is additional to the security 

12 measure of ensuring secrecy - encrypting the data encryption key. The method 

13 comprises the creation of a "tied key", or an "encryption key" derived from a generated 

14 key and a known value (Hosokawa, par. 32, lines 8-12; par. 33, lines 1-5; par. 37, lines 

15 11-13; par. 44, lines 11-18). Hosokawa attaches a "known value", a digital signature, to 

16 generated key, and thereby creates a "tied key". After the "tied key" is decrypted, the 

17 attached digital signature is compared to an authentic digital signature so as to verify 

1 8 the authenticity of the generated key. If authentic, the generated key is used for 

1 9 encrypting data. Thus, Hosokawa discloses a method usable to verify the authenticity 

20 of an encryption key, the method ensuring a measure of security. 

21 It would have been obvious to one of ordinary skill in the art to combine the 

22 method of Hosokawa with the system of the combination of Al-Salqan and DOC. This 
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1 would have been obvious because one of ordinary skill in the art would have been 

2 motivated to enhance the security of the system of combination, by not only enabling 

3 the secrecy of the data encryption key, but also the authentication of the data encryption 

4 key. Thus, a more secure system is provided. 
5 



6 Regarding claim 6, the combination disclose: 

7 determining whether the recovered known value is correct; and processing a 

8 data file based on the determination (Hosokawa, col. 2, pars. 32, 33; Al-Salqan, 

9 Abstract, lines 1-3; col. 7, lines 37-49; col. 3, lines 52-56). 
10 

1 1 Regarding claim 7, the combination disclose: 

1 2 wherein the processing is selected from the group consisting of encrypting the 



1 3 data file using the recovered generated key and decrypting the data file using the 

14 recovered generated key (Al-Salqan, Abstract, lines 1-3; col. 7, lines 37-49; col. 3, lines 

15 52-56). 
16 

17 Regarding claim 22, the combination disclose: 

1 8 wherein the generated key is at a level of security corresponding to a sensitivity 

1 9 level of the data being encrypted (Hosokawa, par. 41 ). The combination disclose that 

20 the key is appropriately used for securing data, thus the key is at a level of security 

21 suitable for securing sensitive data. 
22 



Application/Control Number: 10/099,779 Page 9 

Art Unit: 2137 

1 Regarding claims 25 and 28, they are the system means and computer program 

2 product claims implementing the method of claim 22, and they are rejected, at least, for 

3 the same reasons. 
4 

5 Regarding claims 8, 14, 19, and 20, they are the system means and computer 

6 program product claims implementing the method of claims 1 , 6, and 7, and they are 

7 rejected, at least, for the same reasons. Further, regarding claim 8 specifically, it is 

8 rejected because the combination disclose: 

9 one or more processors; a memory accessible by the processors; one or more 

1 0 nonvolatile storage devices accessible by the processors; a hardware security module 

1 1 accessible by the processors; a data security tool for securing data using the hardware 

12 security module (Al-Salqan, figs. 1, 2; col. 3, lines 16-45). 
13 



14. Regarding claims 21 and 23, the combination disclose: 

1 5 wherein the security module is a separate hardware security module and wherein 

16 encrypting the data is performed within the security module (DOC, pg. 5, lines 4-6; pg. 

17 16, sect. 4.3.2). 
18 

1 9 Regarding claims 24, 26, 27, and 29, they are the system means and computer 

20 program product claims implementing the method of claims 21 and 23, and they are 

21 rejected, at least, for the same reasons. 
22 
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1 Response to Arguments 

2 

3L Applicant's arguments with respect to claims have been considered but are moot 

4 in view of the new ground(s) of rejection. 

5 

6 Conclusion 

7 

8 The prior art made of record and not relied upon is considered pertinent to 

9 applicant's disclosure: 

1 0 See Notice of References Cited. 

11 

12 A shortened statutory period for reply is set to expire 3 months (not less than 90 

1 3 days) from the mailing date of this communication. 

14 Any inquiry concerning this communication or earlier communications from the 

15 examiner should be directed to Jeffery Williams whose telephone number is (571 ) 272- 

16 7965. The examiner can normally be reached on 8:30-5:00. 

17 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

18 supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 

19 number for the organization where this application or proceeding is assigned is (703) 

20 872-9306. 
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1 Information regarding the status of an application may be obtained from the 

2 Patent Application Information Retrieval (PAIR) system. Status information for 

3 published applications may be obtained from either Private PAIR or Public PAIR. 

4 Status information for unpublished applications is available through Private PAIR only. 

5 For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

6 you have questions on access to the Private PAIR system, contact the Electronic 

7 Business Center (EBC) at 866-21 7-91 97 (toll-free). 



8 J. Williams 

9 AU:2137 

10 -TW 
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